<?php
/******************************************************
v4 - Management Framework
Copyright (C) 2008  Gary Taylor, gMerc Incorporation
http://www.gmerc.com/v4/

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.

gary@gmerc.com
******************************************************/
session_start();
/* echo $_SERVER['REQUEST_URI']."<br>".$_SERVER['QUERY_STRING']."<br>"; */
$startmicrotime=microtime_float();


/* Set Page To NO-Cache */
if ($masterclass->mainconfig['debug']=='1') {
  header( "Expires: " . gmdate("D, d M Y H:i:s") . " GMT" );
  header( "Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT" );
  header( "Cache-Control: no-cache, must-revalidate" );
} else
if ($masterclass->websiteconfig['cache_site']=='1') {
  header('Expires: '.gmdate('D, d M Y H:i:s', time()+84600).' GMT');
  header('Last-Modified: '.gmdate('D, d M Y H:i:s', time()).' GMT');
  header('Cache-Control: max-age');
}


require_once 'include/master.inc.php';

/* Grab WEB URL Information */
if (substr_count($_SERVER['SERVER_NAME'],'.')==1) {
  $masterclass->site['domain'] = $_SERVER['SERVER_NAME'];
  $masterclass->site['thirdlevel']='';
} else {
  $masterclass->site['domain'] = substr($_SERVER['SERVER_NAME'],strrpos(substr($_SERVER['SERVER_NAME'],0,strrpos($_SERVER['SERVER_NAME'],'.')),'.')+1);
  $masterclass->site['thirdlevel'] = substr($_SERVER['SERVER_NAME'],0,(strlen($_SERVER['SERVER_NAME'])-(strlen($masterclass->site['domain'])+1)));
}
$masterclass->site['urlinfo_filename']=$_SERVER['SCRIPT_NAME'];
$masterclass->site['urlinfo_querystring']=$_SERVER['QUERY_STRING'];


if ($_SERVER['HTTPS']=='on' && $_SERVER['SERVER_PORT']=='443') {
  $masterclass->site['urlinfo_pagename']=str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']);
  $masterclass->site['server_path']=$masterclass->mainconfig['server_v4fulldir'];
} else {    
  $masterclass->site['urlinfo_pagename']=str_replace($_SERVER['DOCUMENT_ROOT'].'/'.$masterclass->site['domain'].'/'.$masterclass->site['thirdlevel'],'',$_SERVER['SCRIPT_FILENAME']);
  $masterclass->site['server_path']=$_SERVER['DOCUMENT_ROOT'].'/'.$masterclass->site['domain'].'/';
  if ($masterclass->site['thirdlevel']!='') { $masterclass->site['server_path'].=$masterclass->site['thirdlevel']; } else { $masterclass->site['server_path'].='www'; }
  $masterclass->site['server_path'].=$masterclass->mainconfig['dir'];
}


/* Grab sitevars Object variables */
if (isset($_GET)) {
  foreach($_GET as $key => $value) {
    $masterclass->sitevars[$key]=$value;
  }
}
if (isset($_POST)) {
  foreach($_POST as $key => $value) {
    $masterclass->sitevars[$key]=$value;
  }
}

/* Fixup Post Actions into an Array */
if (!isset($masterclass->sitevars['post_action']) || $masterclass->sitevars['post_action']=='') { $masterclass->sitevars['post_action']=array(); }
if (strstr($masterclass->sitevars['post_action'],",")) { $masterclass->sitevars['post_action']=explode(",",$masterclass->sitevars['post_action']); } else { $masterclass->sitevars['post_action']=array($masterclass->sitevars['post_action']); }


if ($masterclass->mainconfig['include_authentication']=='1') {
  require $masterclass->mainconfig['v4rootdir'].'lib/authentication.lib.php';
  $masterclass->allclasses['authentication']=new authentication();
  
  if ($_SESSION['authtoken']=='') {
    $masterclass->site['page']='login';
    $masterclass->site['dirpath']='';
  } else {
    $checktokencall=$masterclass->site['authentication_type'].'checktoken';
    $checktokentimeoutcall=$masterclass->site['authentication_type'].'checktokentimeout';  
    if (!isset($_SESSION['authtoken']) || $_SESSION['authtoken']=='') {
      // echo 'NO AUTHENTICATED TOKEN';
      $masterclass->site['page']='login';
      $masterclass->site['dirpath']='';
    } else
    if ($masterclass->allclasses['authentication']->$checktokencall()==0) {
      //echo 'BAD AUTHENTICATED TOKEN';
      $masterclass->site['page']='login';
      $masterclass->site['dirpath']='';
    } else
    if ($masterclass->allclasses['authentication']->$checktokentimeoutcall()==0) {
      //echo 'TIMEOUT';
      $masterclass->site['page']='login';
      $masterclass->site['dirpath']='';
    } else {
      if ($masterclass->unify_permissionvalue($masterclass->site['defaultpagepermission'])==0) {
        $checkpermissioncall=$masterclass->site['authentication_type'].'check_permission';
        if (is_callable(array($masterclass->allclasses['authentication'], $checkpermissioncall))) {
          if ($masterclass->allclasses['authentication']->$checkpermissioncall('','page',$masterclass->site['dirpath'],$masterclass->site['page'])=='0') {
           echo 'NO PERMISSION TO THIS PAGE<br><a href="#" OnClick="window.close();">Close Window</a>';exit();
          }
        } 
      }
    }
  }
}

$masterclass->loadpage();

/* Website Autentication */
  if ($_POST['rsargs'][2]!='' && $_SESSION['login_authid']!='' && $_POST['rsargs'][2]==$_SESSION['login_authid']) {
    unset($_SESSION['login_authid']);
    $masterclass->sitevars['login_username']=$_POST['rsargs'][0];
    $masterclass->sitevars['login_password']=$_POST['rsargs'][1];
    $masterclass->site['page']='login';
    $masterclass->site['dirpath']='';
  }

  if ($masterclass->site['page']=='login' && $masterclass->site['dirpath']=='') {
    $_SESSION['authtoken']='';
    if ($masterclass->sitevars['postid']!='' && $_SESSION['post_authid']!='' && $masterclass->sitevars['postid']==$_SESSION['post_authid']) {
      if (isset($masterclass->site['captcha_flag'])) {
        if ($masterclass->allclasses['captcha']->captcha_validate_word($_POST['captcha_val'],$_POST['captchaid'])=='1') {
          $loginauthcall=$masterclass->site['authentication_type'].'loginauth';
          $masterclass->allclasses['authentication']->$loginauthcall($masterclass->sitevars['login_username'],$masterclass->sitevars['login_password']);
        }
      } else {
        $loginauthcall=$masterclass->site['authentication_type'].'loginauth';
        $masterclass->allclasses['authentication']->$loginauthcall($masterclass->sitevars['login_username'],$masterclass->sitevars['login_password']);
      }

    }
  } else
  if (($masterclass->site['page']=='logout' || $masterclass->site['page']=='closewindow') && $masterclass->site['dirpath']=='') {
    /* Un Authorized Pages, Do Nothing */
  }

/* Add Website Support */
require $masterclass->mainconfig['v4rootdir'].'lib/websites.lib.php';
require $masterclass->mainconfig['v4rootdir'].'lib/sitebox.lib.php';
$masterclass->allclasses['websites']=new sitebox();
if ($masterclass->mainconfig['include_sajax']=='1') { require $masterclass->mainconfig['v4rootdir'].'lib/Sajax.php'; }

/* Add Captcha Support */
if (isset($masterclass->site['captcha_flag']) && ($masterclass->site['dirpath']=='' && $masterclass->site['page']=='captcha_image')) {
  $masterclass->sitevars['nohtml']='1';
} else if (isset($masterclass->site['captcha_flag'])) {

  $masterclass->site['captcha_id']='';
  // some easy-to-confuse letters taken out C/G I/l Q/O h/b 
  $letters = "ABCDEFGHIJKLMNOPQRSTUWXYZ1234567890";
  for ($i = 0; $i < 13; ++$i) {
    $masterclass->site['captcha_id'].= substr($letters, rand(0,strlen($letters)-1), 1);
  }

  $_SESSION['captcha_val_'.$masterclass->site['captcha_id']]=$masterclass->allclasses['captcha']->captcha_generate_word();

  $captcha_link='';

  if ($masterclass->mainconfig['include_sajax']=='1') {
    $captcha_link.='<div id="captcha_overlay">';
    $captcha_link.=$masterclass->allclasses['captcha']->captcha_image_overlaylink('150','75');
    $captcha_link.='<input type="hidden" name="captcha_actionlist" id="captcha_actionlist" value="">';
    $captcha_link.='</div>';
  }
  
  $masterclass->websiteconfig['sajax_export'][]='captcha_overylay_auth';

}
if (!isset($masterclass->sitevars['nohtml'])) {
if ($masterclass->mainconfig['include_sajax']=='1') {
  $GLOBALS['sajax_debug_mode']=$masterclass->mainconfig['debug'];
  $GLOBALS['sajax_remote_uri']=$masterclass->mainconfig['dir'].'index.php?'.$_SERVER['QUERY_STRING'];
  sajax_init();
  sajax_export('grabdata','ajax_login');

  if (!empty($masterclass->websiteconfig['sajax_export'])) {
    foreach ($masterclass->websiteconfig['sajax_export'] as $sajaxex) { sajax_export($sajaxex); }
  }
  sajax_handle_client_request();
}


if ($masterclass->sitevars['postid']!='' && $_SESSION['post_authid']!='' && $masterclass->sitevars['postid']==$_SESSION['post_authid']) {
  $postname=array();
  $sp=$masterclass->site['page'];
  $querystring='';
  $newlocation='';
  
  
  if (isset($masterclass->site['captcha_flag'])) {
    if ($_POST['captcha_val']==$_SESSION['captcha_auth_'.$masterclass->sitevars['captchaid']]) { 
      $masterclass->site['captcha_post_auth']='1';
    }
    unset($_SESSION['captcha_val_'.$masterclass->sitevars['captchaid']]);
    unset($_SESSION['captcha_auth_'.$masterclass->sitevars['captchaid']]);
  } else {
    $masterclass->site['captcha_post_auth']='1';
  }
 
  if (is_callable(array($masterclass->allclasses[$sp],savedata))) {
    $newlocation=$masterclass->allclasses[$sp]->savedata();
  }

  if ($newlocation=='') {
    $newlocation=$masterclass->urllocation_update();
  }
  if ($newlocation=='') {
    if (isset($masterclass->site['forward']) && $masterclass->site['forward']!='') {
      if ($masterclass->site['forward']=='window.close();') {
        $newlocation=$masterclass->mainconfig['dir'].'closewindow.php';
      } else {
        $newlocation=$masterclass->site['forward'];
      }
    }
  }
  if ($newlocation=='') {
   if ($masterclass->sitevars['action']!='') {
     $newlocation.=$masterclass->mainconfig['dir'].$masterclass->mainconfig['htmldirectory'].$masterclass->site['dirpath'].$masterclass->site['page'].".php?".$masterclass->trackingvar_query();
   }
  }
  if ($newlocation=='') {
    if ($_SERVER['HTTP_REFERER']!='') { $newlocation=$_SERVER['HTTP_REFERER']; }
  }

  if ($newlocation!='' && $masterclass->site['jscommands']!='' && $masterclass->mainconfig['iswapdevice']=='1') {
    header("Location: $newlocation");
    exit();
  }
  
  echo $masterclass->allclasses['websites']->add_html();

  echo "<head>\n";
  echo "<script language=\"javascript\">\n";
/*
*** Need to figure out how to make the updated tables complete ***
*/
  if (isset($masterclass->site['updatefunction']) && !empty($masterclass->site['updatefunction'])) {
    foreach ($masterclass->site['updatefunction'] as $updatefunction) {

      echo "if (parent) {\n";
      echo "  if (parent.".$updatefunction.") {\n";
      echo "    parent.".$updatefunction."();\n";
      echo "  }\n";
      echo "}\n";
      echo "if (opener) {\n";
      echo "  if (opener.".$updatefunction.") {\n";
      echo "    opener.".$updatefunction."();\n";
      echo "  }\n";
      echo "}\n";

    }
  }

  echo "function winGoto() {\n";
  echo "  window.location='$newlocation';\n";
  echo "}\n";

  if ($masterclass->site['jscommands']!='') {
    echo $masterclass->site['jscommands'];
  }
  echo "winGoto();\n";
  echo "</script>\n";
  echo "</head>\n";

  echo $masterclass->allclasses['websites']->add_body();
  echo $masterclass->websiteconfig['page_processing'];
  echo $masterclass->allclasses['websites']->sitefooter();
 
exit();
}


/* create new random postid */
$_SESSION['post_authid']='ufuckershitfacebitch';

  echo $masterclass->allclasses['websites']->add_html();
  echo $masterclass->allclasses['websites']->add_meta();
  echo "<head>\n";
  echo $masterclass->allclasses['websites']->add_title();
  echo $masterclass->allclasses['websites']->add_meta();
  echo $masterclass->allclasses['websites']->add_css();
  if ($masterclass->mainconfig['iswapdevice']!='1') { echo $masterclass->allclasses['websites']->add_js(); }
  if ($masterclass->mainconfig['include_sajax']=='1' && $masterclass->mainconfig['iswapdevice']!='1') {
    echo "\n<script language=\"javascript\">\n";
    sajax_show_javascript();
    echo "\n</script>\n";
  }
  if ($_SESSION['jscommands']!='') {
    echo "<script language=\"javascript\">\n";
    echo JSMin::minify($_SESSION['jscommands'])."\n";
    echo "</script>\n";
    unset($_SESSION['jscommands']);
  }
  echo "</head>\n";
  echo $masterclass->allclasses['websites']->add_body();
  echo '<form method="post" action="'.$masterclass->mainconfig['dir'].'index.php" id="frm" name="frm" enctype="multipart/form-data">';

  if (isset($masterclass->site['postfields']) && !empty($masterclass->site['postfields'])) {
    $masterclass->loadformvars($masterclass->site['postfields']);
  }
  echo $masterclass->allclasses['websites']->load_tracking_inputs();

  if ($masterclass->mainconfig['iswapdevice']!='1') {
  
    echo $captcha_link;
  
    if (isset($masterclass->websiteconfig['page_loading']) && $masterclass->websiteconfig['page_loading']!='') {
      echo '<div id="loadingcontainer_overlay" style="visibility: visible;"><div>'.$masterclass->websiteconfig['page_loading'].'</div></div>';
      echo "\n";
    }
    if (isset($masterclass->websiteconfig['page_processing']) && $masterclass->websiteconfig['page_processing']!='') {
      echo '<div id="processingcontainer_overlay" style="visibility: hidden;"><div>'.$masterclass->websiteconfig['page_processing'].'</div></div>';
      echo "\n";
    }
  }

  echo '<div id="maincontainer" ';
  if (isset($masterclass->websiteconfig['page_processing']) && $masterclass->websiteconfig['page_processing']!='' && $masterclass->mainconfig['iswapdevice']!='1') { echo ' style="display:none;" '; }
  echo ">\n";

}

echo $masterclass->allclasses[$masterclass->site['page']]->display();

if (!isset($masterclass->sitevars['nohtml'])) {

echo '</div>';

  if (isset($masterclass->site['captcha_id']) && $masterclass->site['captcha_id']!='') { echo '<input type="hidden" name="captchaid" id="captchaid" value="'.$masterclass->site['captcha_id'].'">'; }
  echo '<input type="hidden" name="postid" value="'.$_SESSION['post_authid'].'">';
  echo '<input type="hidden" name="post_action" id="post_action" value="">';
  echo '<input type="hidden" name="dirpath" value="'.$masterclass->sitevars['dirpath'].'">';
  echo '<input type="hidden" name="page" value="'.$masterclass->sitevars['page'].'">';
  echo '</form>';


  echo $masterclass->allclasses['websites']->sitefooter(); 
  echo "\n<!--\n";

  $endmicrotime=microtime_float();
  $runtime=($endmicrotime-$startmicrotime);
  //echo "<br>".$runtime."<br><br>";
  if ($masterclass->mainconfig['debug']=='1' || $masterclass->mainconfig['debug_masterclass']=='1') { echo "<pre>";print_r($masterclass);echo "</pre>"; }

  echo "\n-->\n";
}

function grabdata() {
  global $masterclass;

  $runcmd=$_POST['rsargs'][0]; if (strstr($runcmd,',')) { $runcmd=explode(',',$runcmd); } else { $runcmd=array($runcmd); }

  $masterclass->site['grabdata_vars']=array();
  $masterclass->site['grabdata_msg']=array();

  foreach ($runcmd as $rc) {
    if ($rc!='') {
      if (is_callable(array($masterclass->allclasses[$masterclass->site['page']], $rc))) { $masterclass->allclasses[$masterclass->site['page']]->$rc(); } else {
          $masterclass->site['grabdata_msg'][]='$masterclass->allclasses['.$masterclass->site['page'].']->'.$rc.' Cannot be called';
      }
    }
  }

  return array($masterclass->site['grabdata_vars'],$masterclass->site['grabdata_msg']);
}
  function ajax_login($login_user='',$login_pass='',$login_captcha='') {
    global $masterclass;

     if (isset($_POST['rsargs']) && !empty($_POST['rsargs'])) {
      $login_user=$_POST['rsargs'][0];
      $login_pass=$_POST['rsargs'][1];
      $login_captcha=$_POST['rsargs'][2];
      $login_captchaid=$_POST['rsargs'][3];
     }
 
    if ( (!isset($masterclass->site['captcha_flag'])) || ($masterclass->allclasses['captcha']->captcha_validate_word($login_captcha,$login_captchaid)=='1') ) {
      $loginauthcall=$masterclass->site['authentication_type'].'loginauth';
      $masterclass->allclasses['authentication']->$loginauthcall($login_user,$login_pass);
    }
  
  return;
  }
  function captcha_overylay_auth($str='',$id='',$actionlist='') {
    global $masterclass;

    if (isset($_POST['rsargs']) && !empty($_POST['rsargs'])) {
      $str=$_POST['rsargs'][0];
      $id=$_POST['rsargs'][1];
      $actionlist=$_POST['rsargs'][2];
    }
    
    $masterclass->allclasses['captcha']->captcha_validate_ajax($str,$id,$actionlist);
   
  return array($masterclass->site['captcha_overlay_auth_vars']['captcha_message'],$masterclass->site['captcha_overlay_auth_vars']['run_command']);
  }
  
function microtime_float() {
  return (float) (vsprintf('%d.%06d', gettimeofday()));
}
?>